Another round of advisories for the month of May, including a critical notification from Microsoft and even the NSA, urging customers to ensure deployments of Windows 7, Server 2008 and out of support versions (Windows XP / Server 2003) receive available patches. Security organizations and researchers are warning that a wormable exploit targeting unpatched systems will probably appear in the coming months and could spread quickly from one infected system to other vulnerable systems on the same network. The VLCM Cybersecurity team is urging customers to apply the associated patches as soon as possible and also ensure no vulnerable systems are exposed to the public Internet, especially systems with remote desktop enabled.
Mozilla Releases Security Updates for Firefox
May 21, 2019
Mozilla has released security updates to address vulnerabilities in Firefox and Firefox ESR. An attacker could exploit some of these vulnerabilities to take control of an affected system.
The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the Mozilla Security Advisories for Firefox 67 and Firefox ESR 60.7 and apply the necessary updates.
Microsoft Releases Security Updates to Address Remote Code Execution Vulnerability
May 16, 2019
Microsoft has released security updates to address a remote code execution vulnerability in the following in-support and out-of-support operating systems:
- In-support systems: Windows 7, Windows Server 2008 R2, and Windows Server 2008
- Out-of-support systems: Windows 2003 and Windows XP
A remote attacker could exploit this vulnerability to take control of an affected system.
The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the Microsoft Security Advisory and Microsoft Customer Guidance for CVE-2019-0708 and apply the necessary updates.
Cisco Releases Security Updates for Multiple Products
May 15, 2019
Cisco has released security updates to address vulnerabilities in multiple Cisco products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.
The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the Cisco Security Advisories page and apply the necessary updates.
VMware Releases Security Updates
May 14, 2019
VMware has released security updates to address vulnerabilities in vCenter Server, ESXi, Workstation, and Fusion. An attacker could exploit some of these vulnerabilities to take control of an affected system.
The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review VMware Security Advisories VMSA-2019-0007 and VMSA-2019-0008 and apply the necessary updates.
Adobe Releases Security Updates
May 14, 2019
Adobe has released security updates to address vulnerabilities in multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system.
The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review Adobe Security Bulletins APSB19-29, APSB19-26, and APSB19-18 and apply the necessary updates.
Intel Releases Security Updates, Mitigations for Multiple Products
May 14, 2019
Intel has released security updates and recommendations to address vulnerabilities in multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system.
The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the Intel Product Security Center Advisories page, apply the necessary mitigations, and refer to vendors for appropriate patches, when available.
Microsoft Releases May 2019 Security Updates
May 14, 2019
Microsoft has released updates to address multiple vulnerabilities in Microsoft software. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.
The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review Microsoft’s May 2019 Security Update Summary and Deployment Information and apply the necessary updates.
Facebook Releases Security Advisory for WhatsApp
May 14, 2019
Facebook has released a security advisory to address a vulnerability in WhatsApp. A remote attacker could exploit this vulnerability to take control of an affected device.
The Cybersecurity and Infrastructure Security Agency (CISA) encourages users to review the Facebook Security Advisory for CVE-2019-3568 and upgrade to the appropriate version.
Apple Releases Multiple Security Updates
May 14, 2019
Apple has released security updates to address vulnerabilities in multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.
The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the Apple security pages for the following products and apply the necessary updates:
- watchOS 5.2.1
- Safari 12.1.1
- Apple TV Software 7.3
- tvOS 12.3
- iOS 12.3
- macOS Mojave 10.14.5, Security Update 2019-003 High Sierra, Security Update 2019-003 Sierra
Cisco Releases Security Updates
May 14, 2019
Cisco has released security updates to address vulnerabilities in multiple Cisco products. A remote attacker could exploit one of these vulnerabilities to take control of an affected system.
The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the following Cisco Security Advisories and apply the necessary updates:
- Cisco IOS XE Software Web UI Command Injection Vulnerability cisco-sa-20190513-webui
- Cisco Secure Boot Hardware Tampering Vulnerability cisco-sa-20190513-secureboot
North Korean Malicious Cyber Activity
May 9, 2019
The Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI) have identified a malware variant—referred to as ELECTRICFISH—used by the North Korean government. The U.S. Government refers to malicious cyber activity by the North Korean government as HIDDEN COBRA.
The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review Malware Analysis Report (MAR) MAR-10135536-21 and the page on HIDDEN COBRA - North Korean Malicious Cyber Activity for more information.
PrinterLogic Print Management Software Vulnerabilities
May 6, 2019
The CERT Coordination Center (CERT/CC) has released information on vulnerabilities affecting PrinterLogic Print Management Software. A remote attacker could exploit these vulnerabilities to take control of an affected system.
The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the CERT/CC Vulnerability Note VU#1629249 and consider the listed workarounds until patches are made available.
Cisco Releases Security Updates
May 1, 2019
Cisco has released security updates to address vulnerabilities in multiple Cisco products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.
The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the Cisco Security Advisory page and apply the necessary updates.
Google Releases Security Updates for Chrome
May 1, 2019
Google has released Chrome version 74.0.3729.131 for Windows, Mac, and Linux. This version addresses two vulnerabilities, one of which an attacker could exploit to take control of an affected system.
The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the Chrome Release and apply the necessary updates.
